• iconNews
  • videos
  • entertainment
  • Home
  • News
    • UK News
    • US News
    • Australia
    • Ireland
    • World News
    • Weird News
    • Viral News
    • Sport
    • Technology
    • Science
    • True Crime
    • Travel
  • Entertainment
    • Celebrity
    • TV & Film
    • Netflix
    • Music
    • Gaming
    • TikTok
  • LAD Originals
    • Say Maaate to a Mate
    • Daily Ladness
    • Lad Files
    • UOKM8?
    • FreeToBe
    • Extinct
    • Citizen Reef
  • Advertise
  • Terms
  • Privacy & Cookies
  • LADbible Group
  • UNILAD
  • SPORTbible
  • GAMINGbible
  • Tyla
  • UNILAD Tech
  • FOODbible
  • License Our Content
  • About Us & Contact
  • Jobs
  • Latest
  • Topics A-Z
  • Authors
Facebook
Instagram
X
Threads
Snapchat
TikTok
YouTube

LAD Entertainment

YouTube

LAD Stories

Submit Your Content
Sinister Android app poses as major brand but could empty your bank

Home> News> Technology

Published 15:22 5 Apr 2024 GMT+1

Sinister Android app poses as major brand but could empty your bank

Don't get caught out by the malware

Tom Earnshaw

Tom Earnshaw

People who own an Android phone have been warned over a sinister piece of software that is disguising itself as a legitimate antivirus app.

The almost cruel masquerading act will see your phone infected by clicking on the app that you believe is going to help keep your phone free of viruses.

And it is sadly not a new phenomenon, with this kind of fake app scam being first spotted back in early 2021. It joins a very long list of ways scammers try and take over your phone, with one recent warning coming via WhatsApp.

Advert

By clicking on the new version of what is known as an Android banking trojan, you will open up your phone and its data to hackers who will then take your data and could even then empty your bank account with the details they've acquired.

Cybersecurity researchers from NCC Group’s Fox-IT were the first to warn about this kind of software.

Explaining, they said a new version the Vultur banking trojan has been detected with some significant changes to how it targets victims since first being spotted three years ago.

An Android phone.
Nikolas Kokovlis/NurPhoto via Getty Images

They explain that previous versions of the Vultur banking trojan were found put on to peoples' phones via apps that were smuggled on to the Google Play Store.

Advert

Now, the updated app combines something called smishing - which is where you are sent fake mobile text messages to trick you in to downloading malware - and legitimate apps.

Reports have said one version of the malware portrays it to look like McAfee, a legitimate antivirus software you can download on to your phone to keep it safe.

Cyber-criminals will target a victim by sending them a warning of an unauthorised payment from their accounts.

A Samsung Galaxy phone that used an Android OS.
Joan Cros/NurPhoto via Getty Images

To fix it, you're then sent a phone number to call.

Advert

But this is a scam where the victims who take the bait are then told to download a rogue version of the McAfee Security app from the Play Store.

The apps are loaded on to the Play Store via a malware dropper called Brunhilda, which puts three kinds of malware on to your device in an attempt to try and take control of your phone.

Android users are being targeted.
Getty Stock Images

Those who fall victim will find their phones screen recorded by hackers, your keyboard tracked so as to know your passwords, and remote access of your device from anywhere in the world.

A Google spokesperson told BleepingComputer: "Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services.

Advert

"Google Play Protect can warn users or block apps known to exhibit malicious behaviour, even when those apps come from sources outside of Play."

Featured Image Credit: Nikolas Kokovlis/Joan Cros/NurPhoto via Getty Images

Topics: Crime, Phones, Samsung, Technology, UK News, US News, World News, Google

Tom Earnshaw
Tom Earnshaw

Tom joined LADbible Group in 2024, currently working as SEO Lead across all brands including LADbible, UNILAD, SPORTbible, Tyla, UNILAD Tech, and GAMINGbible. He moved to the company from Reach plc where he enjoyed spells as a content editor and senior reporter for one of the country's most-read local news brands, LancsLive. When he's not in work, Tom spends his adult life as a suffering Manchester United supporter after a childhood filled with trebles and Premier League titles. You can't have it all forever, I suppose.

X

@TREarnshaw

Advert

Advert

Advert

Choose your content:

7 hours ago
9 hours ago
10 hours ago
  • 7 hours ago

    Judge rules Sean ‘Diddy’ Combs will remain behind bars as bail is denied

    The hip hop producer has been in federal detention since September 2024

    News

    breaking

  • 9 hours ago

    Met Police advice on 'sextortion' after boy, 14, dies after thinking he was flirting with woman online

    The teenager ended his life after being blackmailed over intimate images he'd sent online

    News
  • 9 hours ago

    Doctors make shocking discovery after toddler hospitalised with stomach pains

    Madeline Dunne's son was rushed to the hospital for a near-fatal reason

    News
  • 10 hours ago

    Murder suspect Bryan Kohberger pleads guilty to killing four Idaho students to avoid death penalty

    The four University of Idaho students were killed in November 2022

    News

    breaking

  • How to make sure your phone doesn't have 'heatwave meltdown' as temperatures in UK to hit 35 degrees
  • Brits warned phones could stop working and you’ll need to buy a new one after major 2025 network change
  • Controversial Ryanair rule change gets new date as passengers threaten to fly with other airlines
  • Martin Lewis explains new rules for using your phone abroad as 'confusing' policy scrapped